Senior Cybersecurity Analyst

First Eagle Investments, New York, NY (Hybrid)

About The Position

First Eagle is seeking a Senior Cybersecurity Analyst. The successful candidate is responsible for leading the design, implementation, and continuous improvement of cybersecurity controls and monitoring systems. The role involves advanced threat detection, security event investigation, incident response, vulnerability management, and ensuring compliance with regulatory and organizational security standards. The Analyst will serve as a technical expert, helping to safeguard the confidentiality, integrity, and availability of enterprise systems and data.

Requirements

  • Undergraduate degree in computer science, engineering or related field and/or 5+ years working in a security operations center or information security related department
  • 5+ years' experience using SIEM and EDR tools to build alerts and dashboards
  • Strong hands-on experience using SIEM, vulnerability management and Endpoint Detection and Response tools for incident response
  • Experience with and a strong understanding of:
      • Administering Data Loss Prevention (DLP) tools
      • IT security regulations and best practices
      • IT audit and governance frameworks such as COBIT, ITIL and NIST
      • Hardening applications and operating systems, including Windows and Linux
      • TCP/IP, LAN, WAN and endpoint security technologies
      • Malware analysis, sandboxing and Advanced Threat Protection
      • Visio
  • Proven analytical and problem-solving abilities
  • Strong interpersonal, written, and oral communication skills
  • Ability to prioritize and execute tasks in a high-pressure environment and make sound decisions in emergency and stressful situations
  • Able to conduct research into issues and products as required; keen attention to detail
  • Highly self-motivated and directed
  • Experience working in a team-oriented, collaborative environment

Nice To Haves

  • CISSP or CISA preferred
  • Previous experience in the financial services industry is a plus
  • Security certifications preferred (e.g., SANS/GIAC, ISC2, ISACA and EC-Council)
  • Cloud security specific certification preferred (e.g., AWS, GCP, Cloud+)

Responsibilities

Threat Monitoring & Incident Response

  • Lead proactive monitoring of security events and alerts using SIEM and EDR tools
  • Investigate, analyze, and respond to cybersecurity incidents and breaches
  • Function as the secondary responder behind the MSSP for security incidents, ensuring timely escalation and support coverage during nights, weekends, and on a 24/7 basis when operationally required
  • Coordinate incident response and forensics efforts across IT and business units
  • Develop and maintain incident response playbooks and procedures
  • Work with the SIEM solution to improve log analysis and correlation, and build dashboards that show alerting and security posture
  • Execute and improve the core functions of incident response, including threat detection and prevention, systems and network security monitoring, forensics and vulnerability management at enterprise scale
  • Review alerts and data from systems and respond appropriately, including documentation and escalation
  • Monitor intrusion detection and security information management systems to discover and mitigate malicious activity on the network
  • Develop tactical response procedures for security incidents
  • Recommend and implement mitigating actions to contain incident-related activity
  • Act as point person for investigations of security violations through endpoint and network forensics
  • Review security incident reports and anomalous network activity, and ensure ongoing proactive measures to mitigate risk

Risk Management & Vulnerability Assessment

  • Conduct regular vulnerability scans, coordinate penetration testing, and track remediation
  • Coordinate with internal IT engineers to prioritize patching efforts
  • Work with third-party penetration testing providers to review FEI environments
  • Assess emerging threats and propose strategies to mitigate risks
  • Maintain and report on the organization's risk posture and security KPIs

Security Architecture & Governance

  • Administer and optimize security tools including Endpoint Detection and Response, SIEM, IDS/IPS, data classification, anti-virus and anti-malware systems
  • Advise on secure design principles for infrastructure, applications, and cloud environments
  • Attend threat intelligence calls and updates with the current Managed Security Service Provider (MSSP); assist in managing the relationship and services with the MSSP
  • Review and enhance cybersecurity policies, standards, and procedures
  • Ensure compliance with frameworks such as NIST, ISO 27001 and CIS Controls, and with regulatory mandates (e.g., GDPR, SOX, SEC and FINRA requirements)
  • Build and maintain information security metrics, reports and dashboards, working with the CISO and other IT teams as required; dashboards may include but are not limited to vulnerability management, phishing, third-party risk and incident response metrics

Security Awareness & Training

  • Administer the cybersecurity awareness training program for all employees
  • Administer and maintain the third-party phishing simulation platform

Operational Management

  • Produce and maintain regular written and in-person communications regarding pertinent security activities
  • Produce and maintain procedures and policies pertaining to the information security program and its technologies
  • Actively work with department technical and business colleagues to ensure optimal security solutions for business needs

Benefits

  • We provide generous paid time-off, medical/dental/vision healthcare plans, 401(k) retirement and profit-sharing plans, a flexible/hybrid work environment, “dress for the day” flexible work attire, and many more great benefits.
© 2024 Teal Labs, Inc